npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

shipkit-pipe

v3.1.0

Published

Your automated dev team. One command sets up CI/CD, health monitoring, security scanning, and AI agent config. Only generates what your project needs.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

sagar-grvsagar-grv

Keywords

shipkitcicddevopssolo-devai-agentsgithub-actionsmonitoringhealth-checkproductiondeveloper-toolsautomation

Readme

ShipKit — Your Automated Dev Team

One command sets up CI/CD, health monitoring, security, and AI agent config. Reads your project. Generates only what you need. Zero questions. Works everywhere.

npm License CI

npx shipkit-pipe              # Auto-detect & generate
npx shipkit-pipe --dry-run    # Preview without writing
npx shipkit-pipe check        # Verify everything works

✨ What Makes ShipKit Different

| Before ShipKit | After npx shipkit-pipe | |---|---| | Manually configure CI/CD for every project | CI auto-generated from your scripts | | CI fails because config doesn't match your package.json | Smart CI — only generates steps for scripts that exist | | No health monitoring — find out your site is down from users | Health check pings every 6h, auto-creates GitHub Issues | | Set up CodeQL, Dependabot, security manually | Security + dependency updates generated automatically | | Write separate prompts for your AI agent | AGENTS.md + shipkit.json — agent knows your stack | | GitLab / Bitbucket? Must write CI from scratch | Detects your platform, generates the right format |

🚀 Quick Start

# In any project directory:
npx shipkit-pipe

# That's it. Your pipeline is ready.

What gets generated:

| File | Purpose | |---|---| | shipkit.json | Project config — AI agent reads this | | AGENTS.md | Universal AI agent protocol | | .github/workflows/ci.yml | Smart CI — only scripts you have (lint → test → build) | | .github/workflows/health.yml | Pings your site every 6h, creates issue if down | | .github/dependabot.yml | Weekly dependency updates | | .github/workflows/codeql.yml | Security vulnerability scan |

For GitLab: generates .gitlab-ci.yml instead of GitHub Actions. For Bitbucket: generates bitbucket-pipelines.yml.

🧠 How Detection Works

ShipKit reads your existing files — it never asks what it can detect:

| What | Reads from | |---|---| | Framework | package.json dependencies (next, react, vue, express, etc.) | | Scripts | package.json scripts — only includes what exists | | Package manager | pnpm-lock.yaml, yarn.lock, bun.lockb | | Node version | .nvmrc, .node-version, or engines.node | | Git platform | git remote origin URL (GitHub / GitLab / Bitbucket) | | Deploy URL | vercel.json, fly.toml, or package.json homepage | | Monorepo | Scans frontend/, backend/, web/ subdirectories | | Non-Node | Detects pyproject.toml, go.mod, Cargo.toml, docker-compose.yml |

📋 Commands

| Command | Description | |---|---| | npx shipkit-pipe | Auto-detect & generate (default, no prompts) | | npx shipkit-pipe --dry-run | Preview what would be generated | | npx shipkit-pipe check | Validate CI, ping site, check deps | | npx shipkit-pipe -i | Interactive mode (ask questions) | | npx shipkit-pipe --help | Show help | | npx shipkit-pipe --version | Show version |

🔧 Alternate Install Methods

# Linux / macOS (no Node.js?):
curl -fsSL https://raw.githubusercontent.com/sagar-grv/shipkit/main/setup.sh | bash

# Windows PowerShell:
irm https://raw.githubusercontent.com/sagar-grv/shipkit/main/setup.ps1 | powershell

# Or globally:
npm install -g shipkit-pipe

🏗️ What You Get

Smart CI/CD

Generates GitHub Actions (or GitLab CI, or Bitbucket Pipelines) that only include steps for scripts that exist in your package.json. Have a lint script? You get a lint step. No test script? No test step. Your CI never fails because of bad config.

Health Monitoring

A GitHub Action workflow pings your production site every 6 hours. If it's down → auto-creates a GitHub Issue. When it recovers → auto-closes the issue. You know before your users do.

Security Scanning

CodeQL scans every push + PR for vulnerabilities. Dependabot opens auto-PRs when dependencies need updates. No manual checking.

AI Agent Memory

Generates AGENTS.md and shipkit.json so your AI agent (Claude Code, Cursor, GitHub Copilot, OpenCode) knows your stack, your rules, and what happened last session.

🔐 Security Gates

| Gate | What It Catches | When | Who | |---|---|---|---| | CI (lint → test → build) | Code quality, broken tests, build failures | Push / PR | Auto | | CodeQL | 100+ vulnerability classes | Every push | Auto | | Dependabot | Vulnerable npm/GitHub Actions deps | Weekly | Auto | | Health check | Site down / unreachable | Every 6h | Auto |

🤝 Supported Platforms

| Category | Supported | |---|---| | Git platforms | GitHub, GitLab, Bitbucket | | AI Agents | Claude Code, Cursor, GitHub Copilot, OpenCode, CodeGPT, any | | Frontend | Next.js, React, Vue, Svelte, Astro, Nuxt, Express, any | | Backend | Node.js, Python, Go, Rust, Docker | | Deploy | Vercel, Netlify, Fly.io, Railway, Render, Docker, any | | Package Managers | npm, pnpm, yarn, bun | | Project types | Single app, monorepo, empty directory, any framework |

📄 License

Apache 2.0 — Free to use, modify, and share.

ShipKit — Because your solo project deserves a production pipeline.